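@echo off
goto BEGIN
#------------------------------------------------------------------------------
# This is a MS Active Directory security assessment script
# The script collects information into XML result file
# Analysis of information is performed through the server part of the script
#
# Run on a domain member server/controller with Domain Admin privileges
#
# Copyright (C) 2008-2009 by Eugene Taylashev under GNU GPL v3 (www.gnu.org)
# This is a FREE software, and it comes WITHOUT any warranty.
#
# Script homepage: http://www.lbsecurity.org
#
#------------------------------------------------------------------------------
:BEGIN
rem --- Set script internal vars
rem The lines starting with # above and below are never executed: every
rem "goto" jumps over them, so they act as comments.
setlocal
rem #-- Script version
set SCR_VER=1.0
rem Temporary VBScript is written into the current directory under a fixed
rem name and then executed with the caller's (Domain Admin) token. Run the
rem script from a directory that only the assessing account can write to.
set VBS_FILE=assess-ad.vbs
set VBS_EXE=%SystemRoot%\system32\cscript.exe
goto MAIN
#=========================== Main section =====================================
:MAIN
rem -- check that VB Script could be executed
rem Paths are quoted so a SystemRoot containing spaces does not break parsing.
if not exist "%VBS_EXE%" goto USAGE
rem -- Create the temp VB file
call :create_VBS "%VBS_FILE%"
rem -- Run the VB assessment file
rem The generated XML (ACLs, SACLs, owners, password and lockout policy) is
rem written by the VBScript into the current directory; treat it as sensitive.
"%VBS_EXE%" /nologo "%VBS_FILE%"
rem -- Delete the temp VB file
if exist "%VBS_FILE%" del /Q /F "%VBS_FILE%"
rem -- Done
goto END
#===================================================
# Create the VBS file to assess the domain
# Input: %1 - filename to save
#===================================================
:create_VBS
rem The generated script references helpers that are not emitted in this part
rem of the file: IsError, printError, printDebug, die, NewLine and
rem formatINTEGER8. They are presumably produced further down; verify that
rem the complete file defines them, otherwise Option Explicit will fail.
echo '---------------------------------------------------------------------------- >%1
echo ' This script collects audit information from an Active Directory and stores >>%1
echo ' it in an XML file, ready for further analysis >>%1
echo ' >>%1
echo ' Copyright (C) 2008-2009 by Eugene Taylashev under GNU GPL v3 >>%1
echo ' >>%1
echo ' Run on an Active Directory domain member server/controller with Domain Admin privileges >>%1
echo '----------------------------------------------------------------------------- >>%1
echo Option EXPLICIT >>%1
echo. >>%1
echo '---------------------------- Global Vars and Constants ----------------------- >>%1
rem NOTE(review): the string literal on the next line is truncated in this copy
rem of the file: the XML root-element text is missing, which leaves an
rem unterminated quote and an incomplete constant. Restore it from the
rem original source before use.
echo Public Const gSnapShotHeader = ">%1
echo Public Const SCRIPT_VERSON="0.4" >>%1
echo. >>%1
echo '-- open file manupulation >>%1
echo Public Const FILE_OPEN_READ = 1, FILE_OPEN_WRITE = 2, FILE_OPEN_APPEND = 8 >>%1
echo Public Const FILE_OPEN_DEFAULT = -2, FILE_OPEN_ASCII = 0, FILE_OPEN_UNICODE = -1 >>%1
echo. >>%1
echo '-- ADSTYPEENUM >>%1
echo Public Const ADSTYPE_DN_STRING=1, ADSTYPE_CASE_EXACT_STRING=2, ADSTYPE_CASE_IGNORE_STRING=3 >>%1
echo Public Const ADSTYPE_PRINTABLE_STRING=4, ADSTYPE_NUMERIC_STRING=5, ADSTYPE_BOOLEAN=6 >>%1
echo Public Const ADSTYPE_INTEGER=7, ADSTYPE_OCTET_STRING=8, ADSTYPE_UTC_TIME=9 >>%1
echo Public Const ADSTYPE_LARGE_INTEGER=10, ADSTYPE_PROV_SPECIFIC=11, ADSTYPE_OBJECT_CLASS=12 >>%1
echo Public Const ADSTYPE_NT_SECURITY_DESCRIPTOR=25, ADSTYPE_UNKNOWN=26, ADSTYPE_INVALID=0 >>%1
echo. >>%1
echo Public Const ADS_OPTION_SECURITY_MASK =^&H3 >>%1
echo Public Const SE_DACL_PROTECTED = ^&H1000, SE_SACL_PROTECTED = ^&H2000 >>%1
echo. >>%1
echo '-- ADS_SECURITY_INFO_ENUM >>%1
echo Public Const ADS_SECURITY_INFO_OWNER = ^&H1 >>%1
echo Public Const ADS_SECURITY_INFO_GROUP = ^&H2 >>%1
echo Public Const ADS_SECURITY_INFO_DACL = ^&H4 >>%1
echo Public Const ADS_SECURITY_INFO_SACL = ^&H8 >>%1
echo. >>%1
echo '-- ADS_ACETYPE_ENUM >>%1
echo Public Const ADS_ACETYPE_ACCESS_ALLOWED = ^&H0 >>%1
echo Public Const ADS_ACETYPE_ACCESS_DENIED = ^&H1 >>%1
echo Public Const ADS_ACETYPE_SYSTEM_AUDIT = ^&H2 >>%1
echo Public Const ADS_ACETYPE_ACCESS_ALLOWED_OBJECT = ^&H5 >>%1
echo Public Const ADS_ACETYPE_ACCESS_DENIED_OBJECT = ^&H6 >>%1
echo Public Const ADS_ACETYPE_SYSTEM_AUDIT_OBJECT = ^&H7 >>%1
echo. >>%1
echo '-- ADS_RIGHTS_ENUM >>%1
echo Public Const ADS_RIGHT_DELETE = ^&H10000 >>%1
echo Public Const ADS_RIGHT_READ_CONTROL = ^&H20000 >>%1
echo Public Const ADS_RIGHT_WRITE_DAC = ^&H40000 >>%1
echo Public Const ADS_RIGHT_WRITE_OWNER = ^&H80000 >>%1
echo Public Const ADS_RIGHT_SYNCHRONIZE = ^&H100000 >>%1
echo Public Const ADS_RIGHT_ACCESS_SYSTEM_SECURITY = ^&H1000000 >>%1
echo Public Const ADS_RIGHT_GENERIC_READ = ^&H80000000 >>%1
echo Public Const ADS_RIGHT_GENERIC_WRITE = ^&H40000000 >>%1
echo Public Const ADS_RIGHT_GENERIC_EXECUTE = ^&H20000000 >>%1
echo Public Const ADS_RIGHT_GENERIC_ALL = ^&H10000000 >>%1
echo Public Const ADS_RIGHT_DS_CREATE_CHILD = ^&H1 >>%1
echo Public Const ADS_RIGHT_DS_DELETE_CHILD = ^&H2 >>%1
echo Public Const ADS_RIGHT_ACTRL_DS_LIST = ^&H4 >>%1
echo Public Const ADS_RIGHT_DS_SELF = ^&H8 >>%1
echo Public Const ADS_RIGHT_DS_READ_PROP = ^&H10 >>%1
echo Public Const ADS_RIGHT_DS_WRITE_PROP = ^&H20 >>%1
echo Public Const ADS_RIGHT_DS_DELETE_TREE = ^&H40 >>%1
echo Public Const ADS_RIGHT_DS_LIST_OBJECT = ^&H80 >>%1
echo Public Const ADS_RIGHT_DS_CONTROL_ACCESS = ^&H100 >>%1
echo. >>%1
echo '-- ADS_ACEFLAG_ENUM >>%1
echo Public Const ADS_ACEFLAG_INHERIT_ACE = ^&H2 >>%1
echo Public Const ADS_ACEFLAG_NO_PROPAGATE_INHERIT_ACE = ^&H4 >>%1
echo Public Const ADS_ACEFLAG_INHERIT_ONLY_ACE = ^&H8 >>%1
echo Public Const ADS_ACEFLAG_INHERITED_ACE = ^&H10 >>%1
echo Public Const ADS_ACEFLAG_VALID_INHERIT_FLAGS = ^&H1f >>%1
echo Public Const ADS_ACEFLAG_SUCCESSFUL_ACCESS = ^&H40 >>%1
echo Public Const ADS_ACEFLAG_FAILED_ACCESS = ^&H80 >>%1
echo. >>%1
echo '------- Other constants >>%1
echo Public Const MIN_IN_DAY = 1440 >>%1
echo Public Const SEC_IN_MIN = 60 >>%1
echo. >>%1
echo. >>%1
echo Dim oFS, sFileXML, oFileXML, iIndent, aAttr >>%1
echo Dim sTarget, dObtained >>%1
echo. >>%1
echo Dim aMonth >>%1
echo aMonth = Array( "", "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", _ >>%1
echo "Sep", "Oct", "Nov", "Dec" ) >>%1
echo. >>%1
rem -- Main section of the generated script. "On Error Resume Next" is global
rem here and is inherited by every Sub that does not set its own handler, so
rem failures in the collectors below are silently skipped rather than aborting.
echo '============================== Main Section ================================== >>%1
echo On Error Resume Next >>%1
echo. >>%1
echo '-- get initial system/AD info using rootDSE >>%1
echo Dim oRootDSE >>%1
echo. >>%1
echo '-- verify that the assessment host is part of the AD domain (should be Win2k* ) >>%1
echo 'The RootDse is a special LDAP object that exists on all LDAP v3 servers. With it you can write scripts that are independent of the domain or enterprise on which they are run >>%1
echo Set oRootDSE = GetObject("LDAP://rootDSE") >>%1
echo If IsError("") or not IsObject(oRootDSE) or IsNull( oRootDSE ) Then >>%1
echo printError( "Not a domain memeber/controller. Aborting...") >>%1
echo die >>%1
echo End If >>%1
echo. >>%1
echo. >>%1
echo. >>%1
echo '-- Get Environment vars >>%1
echo Dim oShell, oEnv, sHost, sDom, sUser >>%1
echo Set oShell = CreateObject("Wscript.Shell") >>%1
echo Set oEnv = oShell.Environment("Process") >>%1
echo sHost = oEnv("COMPUTERNAME") '-- Get Host name >>%1
echo sDom = oEnv("USERDOMAIN") '-- Get Logon domain >>%1
echo sUser = oEnv("USERNAME") '-- Get user name >>%1
echo. >>%1
echo Set oEnv = Nothing >>%1
echo Set oShell = Nothing >>%1
echo. >>%1
echo '-- Init target vars >>%1
echo sTarget = sDom >>%1
echo dObtained = Now >>%1
echo. >>%1
echo '-- create an object for XML tag attributes >>%1
echo If IsEmpty( aAttr ) Then >>%1
echo Set aAttr = CreateObject("Scripting.Dictionary") >>%1
echo End If >>%1
echo. >>%1
echo '-- create the filesystem object >>%1
echo If IsEmpty( oFS ) Then >>%1
echo Set oFS = CreateObject("Scripting.FileSystemObject") '- FileSystem object >>%1
echo End If >>%1
echo. >>%1
echo. >>%1
echo '-- create the XML file >>%1
echo sFileXML = sTarget + ".assess_ad_"+formatDigDate(dObtained)+".xml" >>%1
echo printDebug( "sFileXML=" + sFileXML ) >>%1
echo Set oFileXML = oFS.OpenTextFile(sFileXML, FILE_OPEN_WRITE, True, FILE_OPEN_UNICODE ) >>%1
echo If IsError("could not create the file "+sFileXML) Then >>%1
echo die >>%1
echo End If >>%1
echo. >>%1
echo '-- write the XML header into the assessment file >>%1
rem NOTE(review): the XML prologue and the closing root element written by the
rem two outLine( "" ) calls in this section are empty in this copy of the
rem file; their literals were lost with the gSnapShotHeader text above.
echo outLine( "" ) >>%1
echo outLine( gSnapShotHeader ^&SCRIPT_VERSON^& "'>") : IncrIndent >>%1
echo outTag "credential", sDom+"\"+sUser >>%1
echo outTag "assessment_time", formatDateDDMMMYYYY( dObtained ) >>%1
echo outTag "assessment_host", sHost >>%1
echo outTag "target", sTarget >>%1
echo. >>%1
echo assess_AD_domain '-- output domain info >>%1
echo. >>%1
echo. >>%1
echo '-- end the XML tag >>%1
echo outLine( "" ) : DecrIndent >>%1
echo. >>%1
echo '-- close everything >>%1
echo oFileXML.Close >>%1
echo Set oFileXML = Nothing >>%1
echo Set oFS = Nothing >>%1
echo Set aAttr = Nothing >>%1
echo Set oRootDSE = Nothing >>%1
echo '------------------------------- End of Main Section -------------------------- >>%1
echo. >>%1
echo. >>%1
rem -- assess_AD_domain: domain identity from ADSystemInfo and rootDSE, then
rem schema, all objects under the default naming context, and the policy.
echo '============================================================================= >>%1
echo '* Glob Vars: oRootDSE >>%1
echo '============================================================================= >>%1
echo Sub assess_AD_domain() >>%1
echo Dim strFuncName : strFuncName="assess_AD_domain" >>%1
echo. >>%1
echo ' On Error Resume Next >>%1
echo printDebug( "+++++ " ^& strFuncName ) >>%1
echo. >>%1
echo '-- get initial system/AD info using ADSystemInfo >>%1
echo Dim oSysInfo, sLDAP >>%1
echo Set oSysInfo = CreateObject("ADSystemInfo") >>%1
echo If IsError("") or not IsObject(oSysInfo) or IsNull( oSysInfo ) Then >>%1
echo printError( "Not a domain memeber/controller. Aborting...") >>%1
echo die >>%1
echo End If >>%1
echo. >>%1
echo openXMLtag "domain_ad" >>%1
echo '-- output domain params from ADSystemInfo >>%1
echo outTag "DomainShortName", oSysInfo.DomainShortName >>%1
echo outTag "SiteName", oSysInfo.SiteName >>%1
echo outTag "DomainDNSName", oSysInfo.DomainDNSName >>%1
echo outTag "ForestDNSName", oSysInfo.ForestDNSName >>%1
echo addAttr "desc", "Is domain in native mode?" >>%1
echo outTag "IsNativeMode", CStr( oSysInfo.IsNativeMode ) >>%1
echo. >>%1
echo '-- output domain params from rootDSE >>%1
echo sLDAP = "LDAP://" ^& oRootDSE.Get("defaultNamingContext") >>%1
echo outTag "schemaNamingContext", oRootDSE.Get("schemaNamingContext") >>%1
echo outTag "configurationNamingContext", oRootDSE.Get("configurationNamingContext") >>%1
echo outTag "defaultNamingContext", oRootDSE.Get("defaultNamingContext") >>%1
echo outTag "rootDomainNamingContext", oRootDSE.Get("rootDomainNamingContext") >>%1
echo. >>%1
echo '-- output schema, currently only limited classes such as organizationalUnit, user, group, computer >>%1
echo enum_schema >>%1
echo. >>%1
echo '-- extract all AD objects, also could be connection to the Global Catalog i.i. GC:// >>%1
echo enum_AD_objects sLDAP >>%1
echo. >>%1
echo '-- get domain security policy >>%1
echo get_security_policy "WinNT://" ^& oSysInfo.DomainShortName, sLDAP >>%1
echo. >>%1
echo '-- close everything >>%1
echo closeXMLtag "domain_ad" >>%1
echo Set oSysInfo = Nothing >>%1
echo. >>%1
echo printDebug( "----- " ^& strFuncName ) >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- enum_AD_objects: ADO query for every ADsPath under sLDAP, one
rem get_AD_object call per row.
echo '============================================================================= >>%1
echo '* Glob Vars: oRootDSE >>%1
echo '============================================================================= >>%1
echo Sub enum_AD_objects( ByVal sLDAP) >>%1
echo Dim strFuncName : strFuncName="enum_AD_objects" >>%1
echo. >>%1
echo ' On Error Resume Next >>%1
echo printDebug( "+++++ " ^& strFuncName ) >>%1
echo. >>%1
echo Dim oADconn, oCmd, oRSet, iRecs >>%1
echo. >>%1
echo openXMLtag "objects" >>%1
echo Set oADconn = CreateObject("ADODB.Connection") >>%1
echo oADconn.Open "Provider=ADsDSOObject;" >>%1
echo. >>%1
echo Set oCmd=CreateObject("ADODB.Command") >>%1
echo oCmd.ActiveConnection = oADconn >>%1
rem Without paging the DC caps the result at its MaxPageSize (1000 by
rem default), so larger domains were only partially assessed.
echo oCmd.Properties("Page Size") = 1000 '-- paged search, otherwise the server returns at most MaxPageSize objects >>%1
echo. >>%1
echo '-- run the main query >>%1
echo oCmd.CommandText = "SELECT ADsPath FROM '" ^& sLDAP ^& "'" >>%1
echo. >>%1
echo Set oRSet = oCmd.Execute >>%1
echo. >>%1
echo If oRSet.EOF Then >>%1
echo outComment "Error: No records for the query " ^& oCmd.CommandText >>%1
echo closeXMLtag "objects" >>%1
echo Set oCmd = Nothing >>%1
echo Set oADconn = Nothing >>%1
echo printDebug( "----- " ^& strFuncName ) >>%1
echo Exit Sub >>%1
echo End If >>%1
echo. >>%1
echo ' iRecs = oRSet.RecordCount '-- number of returned records >>%1
echo. >>%1
echo Dim sClass, oObj, sTmp >>%1
echo oRSet.MoveFirst >>%1
echo Do Until oRSet.EOF >>%1
echo get_AD_object oRSet.Fields("ADsPath") >>%1
echo oRSet.MoveNext >>%1
echo Loop >>%1
echo. >>%1
echo closeXMLtag "objects" >>%1
echo. >>%1
echo oRSet.Close >>%1
echo Set oRSet = Nothing >>%1
echo Set oCmd = Nothing >>%1
echo Set oADconn = Nothing >>%1
echo printDebug( "----- " ^& strFuncName ) >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- get_AD_object: dumps every cached property value of one object; the
rem security descriptor is expanded by enum_SecurityDescriptor. Reading the
rem SACL needs SeSecurityPrivilege; under Resume Next a refusal is silent.
echo '============================================================================= >>%1
echo '* Obtain details about an AD object. Output as XML >>%1
echo '============================================================================= >>%1
echo Sub get_AD_object( ByVal ADsPath ) >>%1
echo. >>%1
echo On Error Resume Next >>%1
echo. >>%1
echo Dim oObject, i, X, Y, sStr, bOut, lInt >>%1
echo Dim arrbytGuid, strHexGuid, strGuid >>%1
echo Dim v, propVal >>%1
echo. >>%1
echo Set oObject = GetObject(ADsPath) >>%1
echo If not IsObject( oObject ) Then >>%1
echo printError( "Could not get object " ^& ADsPath ^& "; description: " ^& Err.Description) >>%1
echo Err.Clear >>%1
echo Exit Sub >>%1
echo End If >>%1
echo. >>%1
echo addAttr "DN", Replace( ADsPath, "LDAP://","") >>%1
echo addAttr "count_children",oObject.PropertyCount '-- number of attributes >>%1
echo openXMLtag "object" >>%1
echo. >>%1
echo oObject.SetOption ADS_OPTION_SECURITY_MASK, ADS_SECURITY_INFO_OWNER _ >>%1
echo Or ADS_SECURITY_INFO_GROUP Or ADS_SECURITY_INFO_DACL _ >>%1
echo Or ADS_SECURITY_INFO_SACL >>%1
echo. >>%1
echo oObject.GetInfo '--- Load into ADSI's caches >>%1
echo. >>%1
echo For i = 0 to oObject.PropertyCount -1 >>%1
echo Set X = oObject.Item(i) '-- X as IADsPropertyEntry >>%1
echo For Each Y In X.Values '-- Y as IADsPropertyValue >>%1
echo bOut = true >>%1
echo addAttr "type", X.Name >>%1
echo addAttr "ADsType", Y.ADsType >>%1
echo Select Case Y.ADsType >>%1
echo Case ADSTYPE_DN_STRING >>%1
echo sStr = Y.DNString >>%1
echo Case ADSTYPE_CASE_EXACT_STRING >>%1
echo sStr = Y.CaseExactString >>%1
echo Case ADSTYPE_CASE_IGNORE_STRING >>%1
echo sStr = Y.CaseIgnoreString >>%1
echo Case ADSTYPE_PRINTABLE_STRING >>%1
echo sStr = Y.PrintableString >>%1
echo Case ADSTYPE_NUMERIC_STRING >>%1
echo sStr = Y.NumericString >>%1
echo Case ADSTYPE_BOOLEAN >>%1
echo 'sStr = Y.Boolean >>%1
echo sStr = formatYesNo( Y.Boolean ) >>%1
echo Case ADSTYPE_INTEGER >>%1
echo sStr = Y.Integer >>%1
rem Every octet string is rendered as a GUID; for non-GUID binary values such
rem as objectSid the result is only a re-grouped hex dump, not a SID string.
echo Case ADSTYPE_OCTET_STRING >>%1
echo arrbytGuid = Y.OctetString >>%1
echo strHexGuid = OctetToHexStr(arrbytGuid) >>%1
echo strGuid = HexGuidToGuidStr(strHexGuid) >>%1
echo sStr = strGuid >>%1
echo Case ADSTYPE_UTC_TIME >>%1
echo sStr = Y.UTCTime >>%1
echo Case ADSTYPE_LARGE_INTEGER >>%1
echo Set lInt = Y.LargeInteger >>%1
echo sStr = Hex( lInt.HighPart) ^& ":" ^& Hex( lInt.LowPart ) >>%1
echo addAttr "syntax", "hex" >>%1
echo addAttr "date_UTC", formatINTEGER8( lInt ) >>%1
echo Set lInt = Nothing >>%1
echo. >>%1
echo Case ADSTYPE_NT_SECURITY_DESCRIPTOR >>%1
echo enum_SecurityDescriptor( Y.SecurityDescriptor ) >>%1
echo bOut = false '-- the sub above handles XML tag output >>%1
echo. >>%1
echo Case Else >>%1
echo sStr = "" >>%1
echo. >>%1
echo End Select >>%1
echo. >>%1
echo If bOut Then >>%1
echo outTag "attribute", sStr >>%1
echo End If >>%1
echo sStr = "" >>%1
echo Next >>%1
echo Next >>%1
echo. >>%1
echo closeXMLtag "object" >>%1
echo. >>%1
echo Set oObject = Nothing >>%1
echo Set X = Nothing >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- enum_SecurityDescriptor: owner, group, control flags, DACL and SACL.
echo '============================================================================== >>%1
echo ' Obtain NT Security Descriptor details for an Object, output as XML >>%1
echo '============================================================================== >>%1
echo Sub enum_SecurityDescriptor( ByVal oSecDescr ) >>%1
echo. >>%1
echo openXMLtag "attribute" >>%1
echo. >>%1
echo openXMLtag "SecurityDescriptor" >>%1
echo outTag "Owner", oSecDescr.Owner >>%1
echo outTag "Group", oSecDescr.Group >>%1
echo outTag "Revision", oSecDescr.Revision >>%1
echo. >>%1
echo. >>%1
echo Dim iSecDescripControl, bFlg >>%1
echo iSecDescripControl = oSecDescr.Control >>%1
echo ' addAttr "syntax","hex" >>%1
echo outTag "Control", myHex( iSecDescripControl ) >>%1
rem Fix: the original used "Not (control And flag)". On a Long, Not is a
rem bitwise complement and the result is never zero, so inherit_permissions
rem and inherit_auditing were reported as "yes" for every object, including
rem those with a protected DACL or SACL. Compare the masked bit with 0 instead.
echo bFlg = ((iSecDescripControl And SE_DACL_PROTECTED) = 0) >>%1
echo outComment "Allow inheritable permissions from the parent to " ^& _ >>%1
echo "propogate to this object and all child objects " >>%1
echo outTag "inherit_permissions", formatYesNo( bFlg ) >>%1
echo bFlg = ((iSecDescripControl And SE_SACL_PROTECTED) = 0) >>%1
echo outComment "Allow inheritable auditing entries from " ^& _ >>%1
echo "the parent to propogate to this object and all child objects " >>%1
echo outTag "inherit_auditing", formatYesNo( bFlg ) >>%1
echo. >>%1
echo get_ACEs oSecDescr.DiscretionaryAcl, "DiscretionaryACL" >>%1
echo get_ACEs oSecDescr.SystemAcl, "SystemACL" >>%1
echo. >>%1
echo closeXMLtag "SecurityDescriptor" >>%1
echo closeXMLtag "attribute" >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- get_ACEs: one AccessControlEntry per ACE with trustee, type, mask and
rem flags as hex. Object-type ACEs are emitted without their ObjectType and
rem InheritedObjectType GUIDs, so extended rights and property-set scoping
rem cannot be distinguished in the report from the mask alone.
echo '============================================================================== >>%1
echo ' >>%1
echo '============================================================================== >>%1
echo Sub get_ACEs( ByVal oxACL, ByVal sTag) >>%1
echo. >>%1
echo Dim iAceCount, oACE, iAceType, sTmp >>%1
echo. >>%1
echo addAttr "count_children",oxACL.AceCount >>%1
echo addAttr "revision", oxACL.AclRevision >>%1
echo openXMLtag sTag >>%1
echo. >>%1
echo iAceCount = 0 >>%1
echo For Each oACE In oxACL >>%1
echo iAceCount = iAceCount + 1 >>%1
echo addAttr "id", iAceCount >>%1
echo openXMLtag "AccessControlEntry" >>%1
echo outTag "Trustee", oACE.Trustee >>%1
echo. >>%1
echo iAceType = oACE.AceType >>%1
echo If (iAceType = ADS_ACETYPE_ACCESS_ALLOWED Or _ >>%1
echo iAceType = ADS_ACETYPE_ACCESS_ALLOWED_OBJECT) Then >>%1
echo sTmp = "Allow Access" >>%1
echo ElseIf (iAceType = ADS_ACETYPE_ACCESS_DENIED Or _ >>%1
echo iAceType = ADS_ACETYPE_ACCESS_DENIED_OBJECT) Then >>%1
echo sTmp = "Deny Access" >>%1
echo ElseIf (iAceType = ADS_ACETYPE_SYSTEM_AUDIT or _ >>%1
echo iAceType = ADS_ACETYPE_SYSTEM_AUDIT_OBJECT) Then >>%1
echo sTmp = "Success or Failure Audit" >>%1
echo Else >>%1
echo sTmp = "Unknown" >>%1
echo End If >>%1
echo addAttr "desc", sTmp >>%1
echo outTag "AceType", oACE.AceType >>%1
echo. >>%1
echo ' addAttr "syntax","hex" >>%1
echo outTag "AccessMask", myHex(oACE.AccessMask) >>%1
echo ' ReadBitsInAccessMask(oACE.AccessMask) >>%1
echo. >>%1
echo ' addAttr "syntax","hex" >>%1
echo outTag "AceFlags", myHex(oACE.AceFlags) >>%1
echo closeXMLtag "AccessControlEntry" >>%1
echo Next >>%1
echo. >>%1
echo closeXMLtag sTag >>%1
echo. >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
echo. >>%1
rem -- ReadBitsInAccessMask: currently not called (see the commented call in
rem get_ACEs). Fix: the original joined each If to its addAttr with a line
rem continuation, so only the attribute was conditional and every
rem access_right tag was written unconditionally. Each test is now a full
rem If block around both statements.
echo '============================================================================== >>%1
echo '============================================================================== >>%1
echo Sub ReadBitsInAccessMask(AccessMask) >>%1
echo. >>%1
echo openXMLtag "Access_Rights" >>%1
echo If (AccessMask And ADS_RIGHT_DELETE) Then >>%1
echo addAttr "type","standard" >>%1
echo outTag "access_right", "delete an object" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_READ_CONTROL) Then >>%1
echo addAttr "type","standard" >>%1
echo outTag "access_right", "read permissions" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_WRITE_DAC) Then >>%1
echo addAttr "type","standard" >>%1
echo outTag "access_right", "write permissions" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_WRITE_OWNER) Then >>%1
echo addAttr "type","standard" >>%1
echo outTag "access_right", "modify owner" >>%1
echo End If >>%1
echo. >>%1
echo If (AccessMask And ADS_RIGHT_DS_CREATE_CHILD) Then >>%1
echo addAttr "type","ADS specific" >>%1
echo outTag "access_right", "create child objects" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_DS_DELETE_CHILD) Then >>%1
echo addAttr "type","ADS specific" >>%1
echo outTag "access_right", "delete child objects" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_ACTRL_DS_LIST) Then >>%1
echo addAttr "type","ADS specific" >>%1
echo outTag "access_right", "enumerate an object" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_DS_READ_PROP) Then >>%1
echo addAttr "type","ADS specific" >>%1
echo outTag "access_right", "read the properties of an object" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_DS_WRITE_PROP) Then >>%1
echo addAttr "type","ADS specific" >>%1
echo outTag "access_right", "write the properties of an object" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_DS_DELETE_TREE) Then >>%1
echo addAttr "type","ADS specific" >>%1
echo outTag "access_right", "delete a tree of objects" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_DS_LIST_OBJECT) Then >>%1
echo addAttr "type","ADS specific" >>%1
echo outTag "access_right", "list a tree of objects" >>%1
echo End If >>%1
echo. >>%1
echo If (AccessMask And ADS_RIGHT_DS_CONTROL_ACCESS) + _ >>%1
echo (AccessMask And ADS_RIGHT_DS_SELF) = 0 Then >>%1
echo addAttr "type","Control Access" >>%1
echo outTag "access_right", "none" >>%1
echo Else >>%1
echo If (AccessMask And ADS_RIGHT_DS_CONTROL_ACCESS) Then >>%1
echo addAttr "type","Control Access" >>%1
echo outTag "access_right", "Extended access rights" >>%1
echo End If >>%1
echo If (AccessMask And ADS_RIGHT_DS_SELF) Then >>%1
echo addAttr "type","Control Access" >>%1
echo outTag "access_right", "modify the group membership of a group object" >>%1
echo End If >>%1
echo End If >>%1
echo closeXMLtag "Access_Rights" >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- enum_schema / getSchema: mandatory and optional attributes of four
rem schema classes, with syntax and multi-valued flag.
echo '============================================================================= >>%1
echo '* Glob Vars: none >>%1
echo '============================================================================= >>%1
echo Sub enum_schema() >>%1
echo openXMLtag "schema" >>%1
echo outComment "currently only limited classes such as organizationalUnit, user, group, computer" >>%1
echo 'Shared Folders Published in Active Directory objectClass='volume' >>%1
echo 'Printer objectClass='printQueue' >>%1
echo addAttr "type", "organizationalUnit" >>%1
echo openXMLtag "class" >>%1
echo getSchema "organizationalUnit" >>%1
echo closeXMLtag "class" >>%1
echo addAttr "type", "computer" >>%1
echo openXMLtag "class" >>%1
echo getSchema "computer" >>%1
echo closeXMLtag "class" >>%1
echo addAttr "type", "group" >>%1
echo openXMLtag "class" >>%1
echo getSchema "group" >>%1
echo closeXMLtag "class" >>%1
echo addAttr "type", "user" >>%1
echo openXMLtag "class" >>%1
echo getSchema "user" >>%1
echo closeXMLtag "class" >>%1
echo closeXMLtag "schema" >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '* Glob Vars: none >>%1
echo '============================================================================= >>%1
echo Sub getSchema( ByVal sClass ) >>%1
echo. >>%1
echo Dim oUserClass, oSchemaClass >>%1
echo. >>%1
echo Set oUserClass = GetObject("LDAP://schema/" ^& sClass ) >>%1
echo Set oSchemaClass = GetObject(oUserClass.Parent) >>%1
echo. >>%1
echo Dim sAttr, oAttr >>%1
echo. >>%1
echo '-- Mandatory attributes >>%1
echo For Each sAttr in oUserClass.MandatoryProperties >>%1
echo Set oAttr = oSchemaClass.GetObject("Property", sAttr) >>%1
echo addAttr "isMandatory","yes" >>%1
echo addAttr "type", oAttr.Syntax >>%1
echo If oAttr.MultiValued Then >>%1
echo addAttr "valued", "multivalued" >>%1
echo Else >>%1
echo addAttr "valued", "single-valued" >>%1
echo End If >>%1
echo outTag "attribute", sAttr >>%1
echo Next >>%1
echo. >>%1
echo '-- Optional attributes >>%1
echo For Each sAttr in oUserClass.OptionalProperties >>%1
echo Set oAttr = oSchemaClass.GetObject("Property", sAttr) >>%1
echo addAttr "isMandatory","no" >>%1
echo addAttr "type", oAttr.Syntax >>%1
echo If oAttr.MultiValued Then >>%1
echo addAttr "valued", "multivalued" >>%1
echo Else >>%1
echo addAttr "valued", "single-valued" >>%1
echo End If >>%1
echo outTag "attribute", sAttr >>%1
echo Next >>%1
echo. >>%1
echo '-- clear vars >>%1
echo Set oAttr = Nothing >>%1
echo Set oUserClass = Nothing >>%1
echo Set oSchemaClass = Nothing >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- get_security_policy: domain-wide password and lockout policy from the
rem WinNT provider and the domain head. Only the default domain policy is
rem read here; fine-grained password policies, if present, are not covered.
echo '============================================================================= >>%1
echo '* Query WinNT domain security policy (one per a domain ) >>%1
echo '============================================================================= >>%1
echo Sub get_security_policy( ByVal sWinNT, ByVal sLDAP ) >>%1
echo. >>%1
echo Dim strFuncName : strFuncName="get_security_policy" >>%1
echo. >>%1
echo ' On Error Resume Next >>%1
echo printDebug( "+++++ " ^& strFuncName ) >>%1
echo. >>%1
echo Dim oDomain, oAdS >>%1
echo. >>%1
echo openXMLtag "domain_security_policy" >>%1
echo outComment "Domain security policies usually are in the Default Domain Policy GPO/Computer Configuration/Windows Settings/Security Settings" >>%1
echo. >>%1
echo Set oDomain = GetObject(sWinNT) >>%1
echo Set oAdS = GetObject(sLDAP) >>%1
echo. >>%1
echo If not ( IsObject( oDomain ) and IsObject( oAdS ) ) Then >>%1
echo printError( "Could not obtain domain security policy" ) >>%1
echo outComment "Could not obtain domain security policy, exiting with a error" >>%1
echo closeXMLtag "domain_security_policy" >>%1
echo printDebug( "----- " ^& strFuncName ) >>%1
echo Exit Sub >>%1
echo End If >>%1
echo. >>%1
echo '-- List Domain Password Policy Settings >>%1
echo openXMLtag "password_policy" >>%1
echo. >>%1
echo Dim iPwdProperties, iMaxPwdAgeSeconds, iMinPwdAgeSeconds >>%1
echo iMaxPwdAgeSeconds = oDomain.Get("MaxPasswordAge") >>%1
echo iMinPwdAgeSeconds = oDomain.Get("MinPasswordAge") >>%1
echo iPwdProperties = oAdS.Get("pwdProperties") '-- Get password property flag >>%1
echo. >>%1
echo addAttr "desc","Enforce password history" >>%1
echo addAttr "measure","passwords remembered" >>%1
echo outTag "PwdHistory", oAdS.Get("pwdHistoryLength") >>%1
echo. >>%1
echo addAttr "desc","Maximum password age" >>%1
echo addAttr "measure","days" >>%1
echo outTag "MaxPasswordAge", Int((iMaxPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) >>%1
echo. >>%1
echo addAttr "desc","Minimum password age" >>%1
echo addAttr "measure","days" >>%1
echo outTag "MinPasswordAge", Int((iMinPwdAgeSeconds/SEC_IN_MIN)/MIN_IN_DAY) >>%1
echo. >>%1
echo addAttr "desc","Minimum password length" >>%1
echo addAttr "measure","characters" >>%1
echo outTag "MinPwdLength", oAdS.Get("minPwdLength") >>%1
echo. >>%1
rem pwdProperties bits: DOMAIN_PASSWORD_COMPLEX is 0x1 and
rem DOMAIN_PASSWORD_STORE_CLEARTEXT is 0x10. Fix: the original tested 0x16,
rem which also matches the NO_ANON_CHANGE and NO_CLEAR_CHANGE bits and so
rem reported reversible encryption as enabled on domains where it is not.
echo addAttr "desc","Password must meet complexity requirements" >>%1
echo outTag "is_password_complex", formatEnabDisab( iPwdProperties and ^&h1 ) >>%1
echo. >>%1
echo addAttr "desc","Store passwords using reversible encryption" >>%1
echo outTag "is_password_cleartext", formatEnabDisab( iPwdProperties and ^&h10 ) >>%1
echo. >>%1
echo closeXMLtag "password_policy" >>%1
echo. >>%1
echo '-- List Account Lockout Policy Settings >>%1
echo openXMLtag "account_lockout_policy" >>%1
echo Dim iLockOutObservationWindowSeconds, iLockoutDurationSeconds >>%1
echo iLockOutObservationWindowSeconds = oDomain.Get("LockoutObservationInterval") >>%1
echo iLockoutDurationSeconds = oDomain.Get("AutoUnlockInterval") >>%1
echo. >>%1
echo addAttr "desc","Account lockout duration" >>%1
echo addAttr "measure","minutes" >>%1
echo outComment "If AutoUnlockInterval=0 then Administrator must manually unlock locked accounts" >>%1
echo If iLockoutDurationSeconds ^<^> -1 Then >>%1
echo outTag "AutoUnlockInterval", Int(iLockOutDurationSeconds/SEC_IN_MIN) >>%1
echo Else >>%1
echo outTag "AutoUnlockInterval", "0" >>%1
echo End If >>%1
echo. >>%1
echo addAttr "desc","Account lockout threshold" >>%1
echo addAttr "measure","invalid logon attempts" >>%1
echo outTag "lockoutThreshold", oAdS.Get("lockoutThreshold") >>%1
echo. >>%1
echo addAttr "desc","Reset account lockout counter after" >>%1
echo addAttr "measure","minutes" >>%1
echo outTag "LockoutObservationInterval", Int(iLockOutObservationWindowSeconds/SEC_IN_MIN) >>%1
echo. >>%1
echo closeXMLtag "account_lockout_policy" >>%1
echo. >>%1
echo closeXMLtag "domain_security_policy" >>%1
echo. >>%1
echo '-- clean vars >>%1
echo Set oDomain = Nothing >>%1
echo Set oAdS = Nothing >>%1
echo. >>%1
echo printDebug( "----- " ^& strFuncName ) >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- XML output helpers. Attribute values and element text are written
rem without XML escaping; a value taken from the directory that contains an
rem apostrophe, ampersand or angle bracket (object names and descriptions are
rem user-writable) produces a malformed document for the server-side parser.
rem Escaping sVal and sMsg before writing is the intended follow-up.
echo '============================================================================= >>%1
echo '* Open a XML tag with attributes stored in the global dictionary aAttr >>%1
echo '* Glob Vars: aAttr >>%1
echo '============================================================================= >>%1
echo Sub openXMLtag( ByVal sTag ) >>%1
echo Dim sTmp, sKey, sVal : sTmp="" >>%1
echo '-- check XML tag attributes >>%1
echo If aAttr.Count ^> 0 Then >>%1
echo For each sKey in aAttr.Keys >>%1
echo sVal = aAttr.Item( sKey ) >>%1
echo sTmp = sTmp ^& " " ^& sKey ^& "='" ^& sVal ^& "'" >>%1
echo Next >>%1
echo '-- clear all attributes >>%1
echo aAttr.RemoveAll >>%1
echo End If >>%1
echo. >>%1
echo outLine( PutIndent ^& "<" ^& sTag ^& sTmp ^&">" ) >>%1
echo IncrIndent >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem NOTE(review): the closing-tag literal in closeXMLtag, the end tag in
rem outTag and the comment markup in outComment are empty strings in this
rem copy of the file; the original XML markup was lost. Restore them from the
rem original source before use.
echo '============================================================================= >>%1
echo '============================================================================= >>%1
echo Sub closeXMLtag( ByVal sTag ) >>%1
echo DecrIndent >>%1
echo outLine( PutIndent ^& "" ) >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '* Glob Vars: aAttr >>%1
echo '============================================================================= >>%1
echo Sub outTag( ByVal sTag, ByVal sMsg ) >>%1
echo Dim sTmp, sKey, sVal : sTmp="" >>%1
echo. >>%1
echo '-- check XML tag attributes >>%1
echo If aAttr.Count ^> 0 Then >>%1
echo For each sKey in aAttr.Keys >>%1
echo sVal = aAttr.Item( sKey ) >>%1
echo sTmp = sTmp ^& " " ^& sKey ^& "='" ^& sVal ^& "'" >>%1
echo Next >>%1
echo '-- clear all attributes >>%1
echo aAttr.RemoveAll >>%1
echo End If >>%1
echo If sMsg="" or IsEmpty(sMsg) or IsNull( sMsg) Then >>%1
echo outLine( PutIndent ^& "<" ^& sTag ^& sTmp ^& " />" ) >>%1
echo Else >>%1
echo outLine( PutIndent ^& "<" ^& sTag ^& sTmp ^& ">" ^& sMsg ^& "" ) >>%1
echo End If >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '============================================================================= >>%1
echo Sub outComment( ByVal sMsg ) >>%1
echo outLine( PutIndent ^& "" ) >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- outLine falls back to the console when the XML file is not open.
echo '============================================================================= >>%1
echo '* Purpose: write a line into the assessment XML file >>%1
echo '* Input: message to output >>%1
echo '* Output: none >>%1
echo '* Global Var: oFileXML >>%1
echo '============================================================================== >>%1
echo Sub outLine( ByVal sMsg ) >>%1
echo sMsg = CStr( sMsg ) >>%1
echo If not IsEmpty( oFileXML ) Then >>%1
echo oFileXML.Write( sMsg ^& NewLine ) >>%1
echo Else >>%1
echo WScript.Echo( sMsg ) >>%1
echo End If >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
rem -- Indentation helpers; iIndent starts Empty, which arithmetic and
rem Space() treat as 0.
echo '============================================================================= >>%1
echo '============================================================================= >>%1
echo Sub IncrIndent() >>%1
echo iIndent = iIndent + 2 >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '============================================================================= >>%1
echo Sub DecrIndent() >>%1
echo If iIndent^>0 Then >>%1
echo iIndent = iIndent - 2 >>%1
echo Else >>%1
echo iIndent = 0 >>%1
echo End If >>%1
echo End Sub >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '============================================================================= >>%1
echo Function PutIndent() >>%1
echo PutIndent = Space( iIndent ) >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
rem -- addAttr: Dictionary.Add raises on a duplicate key, so each attribute
rem may be queued only once before the next openXMLtag/outTag consumes them.
echo '============================================================================= >>%1
echo '============================================================================= >>%1
echo Sub addAttr( ByVal sKey, ByVal sVal ) >>%1
echo aAttr.Add sKey, sVal >>%1
echo End Sub >>%1
echo. >>%1
echo. >>%1
echo. >>%1
echo '============================================================================== >>%1
echo '============================================================================== >>%1
echo Function OctetToHexStr(arrbytOctet) >>%1
echo ' Function to convert OctetString (byte array) to Hex string. >>%1
echo 'converts raw binary data (byte arrays) into strings which shows the hexadecimal values (hex string) >>%1
echo Dim k >>%1
echo OctetToHexStr = "" >>%1
echo For k = 1 To Lenb(arrbytOctet) >>%1
echo OctetToHexStr = OctetToHexStr _ >>%1
echo ^& Right("0" ^& Hex(Ascb(Midb(arrbytOctet, k, 1))), 2) >>%1
echo Next >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
rem -- HexGuidToGuidStr: reorders the first three little-endian GUID fields
rem into display order; bytes beyond the 16th are appended unchanged.
echo '============================================================================== >>%1
echo '============================================================================== >>%1
echo Function HexGuidToGuidStr(strGuid) >>%1
echo ' Function to convert Hex Guid to display form. >>%1
echo Dim k >>%1
echo. >>%1
echo HexGuidToGuidStr = "" >>%1
echo For k = 1 To 4 >>%1
echo HexGuidToGuidStr = HexGuidToGuidStr ^& Mid(strGuid, 9 - 2*k, 2) >>%1
echo Next >>%1
echo HexGuidToGuidStr = HexGuidToGuidStr ^& "-" >>%1
echo For k = 1 To 2 >>%1
echo HexGuidToGuidStr = HexGuidToGuidStr ^& Mid(strGuid, 13 - 2*k, 2) >>%1
echo Next >>%1
echo HexGuidToGuidStr = HexGuidToGuidStr ^& "-" >>%1
echo For k = 1 To 2 >>%1
echo HexGuidToGuidStr = HexGuidToGuidStr ^& Mid(strGuid, 17 - 2*k, 2) >>%1
echo Next >>%1
echo HexGuidToGuidStr = HexGuidToGuidStr ^& "-" ^& Mid(strGuid, 17, 4) >>%1
echo HexGuidToGuidStr = HexGuidToGuidStr ^& "-" ^& Mid(strGuid, 21) >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '* Purpose: Convert date into string DD-MMM-YYYY >>%1
echo '* Input: date to convert >>%1
echo '* Output: result string >>%1
echo '============================================================================= >>%1
echo Function formatDateDDMMMYYYY( ByVal dDate ) >>%1
echo. >>%1
echo If IsDate( dDate ) Then >>%1
echo formatDateDDMMMYYYY = Add0(DatePart("d", dDate ),2) ^& "-" ^&_ >>%1
echo aMonth( DatePart("m", dDate )) ^& "-" ^&_ >>%1
echo DatePart("yyyy", dDate ) >>%1
echo Else >>%1
echo formatDateDDMMMYYYY = "" >>%1
echo End If >>%1
echo. >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '* Purpose: Convert date into string YYYYMMDD >>%1
echo '* Input: date to convert >>%1
echo '* Output: result string in format YYYYMMDD or blank string >>%1
echo '============================================================================= >>%1
echo Function formatDigDate( ByVal dDate ) >>%1
echo If IsDate( dDate ) Then >>%1
echo formatDigDate = DatePart("yyyy", dDate ) ^& Add0(DatePart("m", dDate ),2) ^&_ >>%1
echo Add0(DatePart("d", dDate ),2) >>%1
echo Else >>%1
echo formatDigDate = "" >>%1
echo End If >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
rem -- Add0 assumes the number has at most iZeros digits; String() with a
rem negative count would raise, which the callers here never trigger.
echo '============================================================================= >>%1
echo '* Purpose: Add leading zeros >>%1
echo '* Input: number to convert, number or required zeros >>%1
echo '* Output: result string >>%1
echo '============================================================================= >>%1
echo Function Add0( ByVal iNum, ByVal iZeros ) >>%1
echo Dim sNum : sNum = CStr( iNum ) >>%1
echo Add0 = String(iZeros-Len(sNum), "0") ^& sNum >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '* Output a hex number with 0x in front of it >>%1
echo '* Input: number to convert >>%1
echo '* Output: string >>%1
echo '============================================================================= >>%1
echo Function myHex( ByVal iNum ) >>%1
echo myHex = "0x" ^& Hex( iNum ) >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '* Purpose: Conver Bool val into yes/no >>%1
echo '* Input: bool param >>%1
echo '* Output: string "yes" or "no" >>%1
echo '============================================================================= >>%1
echo Function formatYesNo( ByVal bParam ) >>%1
echo If bParam Then >>%1
echo formatYesNo = "yes" >>%1
echo Else >>%1
echo formatYesNo = "no" >>%1
echo End If >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1
echo '============================================================================= >>%1
echo '* Purpose: Conver Bool val into enabled/disabled >>%1
echo '* Input: bool param >>%1
echo '* Output: string "enabled" or "disabled" >>%1
echo '============================================================================= >>%1
echo Function formatEnabDisab( ByVal bParam ) >>%1
echo If bParam Then >>%1
echo formatEnabDisab = "enabled" >>%1
echo Else >>%1
echo formatEnabDisab = "disabled" >>%1
echo End If >>%1
echo End Function >>%1
echo. >>%1
echo. >>%1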
>>%1 echo '============================================================================= >>%1 echo '* Good article http://technet.microsoft.com/en-us/magazine/2006.01.scriptingguy.aspx >>%1 echo '============================================================================= >>%1 echo Function formatINTEGER8( ByVal oLargeInt ) >>%1 echo Dim iTime, iHi, iLow >>%1 echo If IsNull( oLargeInt ) Then >>%1 echo formatINTEGER8 = "" >>%1 echo Exit Function >>%1 echo End If >>%1 echo iHi = oLargeInt.HighPart >>%1 echo iLow = oLargeInt.LowPart >>%1 echo. >>%1 echo If iHi = 0 and iLow = 0 Then >>%1 echo formatINTEGER8 = 0 >>%1 echo Exit Function >>%1 echo End If >>%1 echo iTime = iHi * (2^^32) + iLow >>%1 echo iTime = iTime / (SEC_IN_MIN * 10000000) >>%1 echo iTime = iTime / MIN_IN_DAY >>%1 echo formatINTEGER8 = iTime + #1/1/1601# >>%1 echo 'Both the lastLogon and the lastLogonTimestamp attribute are using the large Integer (64 Bit Integer) syntax >>%1 echo 'to store the logon times. This means the data is not stored as date/time, it is stored as a large integer. >>%1 echo 'This is because the time will be derived using the date 1601-01-01 00:00:00 as starting point and using >>%1 echo '100-nanosecond intervals since that date to represent the last logon time of the user. >>%1 echo. >>%1 echo End Function >>%1 echo. >>%1 echo. >>%1 echo '============================================================================= >>%1 echo '* Purpose: detect an error >>%1 echo '* Input: message to output >>%1 echo '* Output: true if error >>%1 echo '============================================================================== >>%1 echo Private Function IsError(ByVal sMsg) >>%1 echo. >>%1 echo On Error Resume Next >>%1 echo IsError = False >>%1 echo. 
>>%1 echo If Err.Number Then >>%1 echo printError( " 0x" + CStr(Hex(Err.Number)) + ":"+ sMsg ) >>%1 echo If Err.Description ^<^> "" Then >>%1 echo printError( " description: " + Err.Description) >>%1 echo End If >>%1 echo Err.Clear >>%1 echo IsError = True >>%1 echo End If >>%1 echo. >>%1 echo End Function >>%1 echo. >>%1 echo. >>%1 echo '============================================================================= >>%1 echo '* Purpose: output information to STDOUT if in Debug mode >>%1 echo '* >>%1 echo '* >>%1 echo '============================================================================= >>%1 echo Sub printDebug(ByVal sMsg) >>%1 echo. >>%1 echo If gDebug Then '-- if debug mode >>%1 echo 'oLogFile.Write( "-- " + sMsg + NewLine ) >>%1 echo Print( "-- " ^& sMsg ) >>%1 echo End If >>%1 echo. >>%1 echo End Sub >>%1 echo. >>%1 echo '============================================================================== >>%1 echo '============================================================================== >>%1 echo Sub PrintError( ByVal sMsg ) >>%1 echo Print "~~~ Error: " ^& sMsg >>%1 echo End Sub >>%1 echo. >>%1 echo '============================================================================== >>%1 echo '============================================================================== >>%1 echo Sub Print( ByVal sMsg ) >>%1 echo WScript.Echo( sMsg ) >>%1 echo End Sub >>%1 echo. >>%1 echo '============================================================================== >>%1 echo '============================================================================== >>%1 echo Sub die >>%1 echo WScript.Quit(13) >>%1 echo End Sub >>%1 echo. 
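>>%1 echo '==============================================================================
>>%1 echo '==============================================================================
>>%1 echo Public Function NewLine()
>>%1 echo ' NewLine = Chr(13) ^& Chr(10)
>>%1 echo 'vbTab
>>%1 echo NewLine = vbCrLf
>>%1 echo End Function
>>%1 goto :EOF

rem #===================================================
rem # Usage text. Reached from MAIN when the VB Script host
rem # (%VBS_EXE%) does not exist, so nothing is assessed on
rem # this path. It falls through to :END, so the script still
rem # prints "Done!" and returns a zero exit code even though
rem # no result file was produced.
rem #===================================================
:USAGE
echo This script collects objects and security policy settings of a MS Active Directory
echo and saves them into a XML result file.
rem -- "echo(" prints a blank line without the file lookup that "echo." performs
rem -- ("echo." fails if a file named "echo" exists in the current directory)
echo(
echo Usage: %0
echo(
echo Run it on a domain member server/controller with Domain Admin privileges
echo The script requires MS VB Script Host file %VBS_EXE% to run
goto END

rem #===================================================
rem # Common exit point for both the normal run and the usage path
rem #===================================================
:END
echo Done!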